An effective approach to counter application layer DDoS attacks

2012 Third International Conference on Computing, Communication and Networking Technologies (ICCCNT'12) Pub Date : 2012-07-26 DOI:10.1109/ICCCNT.2012.6395941

S. Devi, P. Yogesh

{"title":"An effective approach to counter application layer DDoS attacks","authors":"S. Devi, P. Yogesh","doi":"10.1109/ICCCNT.2012.6395941","DOIUrl":null,"url":null,"abstract":"Distributed Denial of Service (DDoS) attacks are posing major threat to today's essential Internet service because of its ability to create a huge volume of unwanted traffic. It is hard to detect and respond to DDoS attacks due to large and complex network environments. It becomes more serious when such attacks occur during the flash crowd. Both Flash crowds and DDoS attacks have very similar properties in terms of internet traffic; however Flash crowds are legitimate flows and DDoS attacks are illegitimate flows. This paper proposes a scheme to counter application layer DDoS attack and to schedule the flash crowd during DDoS attacks. In this scheme, an Access Matrix is defined to capture the access patterns of the legitimate clients and the normal flash crowd. Dimensionality reduction schemes are applied to reduce the multidimensional Access Matrix. A counter-mechanism consisting of a suspicion assignment mechanism and a scheduler is deployed. The suspicion mechanism assigns a score to each client session, and the scheduler decides whether to forward the session's requests or to drop the request based on the suspicion score.","PeriodicalId":364589,"journal":{"name":"2012 Third International Conference on Computing, Communication and Networking Technologies (ICCCNT'12)","volume":null,"pages":null},"PeriodicalIF":0.0000,"publicationDate":"2012-07-26","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"15","resultStr":null,"platform":"Semanticscholar","paperid":null,"PeriodicalName":"2012 Third International Conference on Computing, Communication and Networking Technologies (ICCCNT'12)","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.1109/ICCCNT.2012.6395941","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}

引用次数: 15

Abstract

Distributed Denial of Service (DDoS) attacks are posing major threat to today's essential Internet service because of its ability to create a huge volume of unwanted traffic. It is hard to detect and respond to DDoS attacks due to large and complex network environments. It becomes more serious when such attacks occur during the flash crowd. Both Flash crowds and DDoS attacks have very similar properties in terms of internet traffic; however Flash crowds are legitimate flows and DDoS attacks are illegitimate flows. This paper proposes a scheme to counter application layer DDoS attack and to schedule the flash crowd during DDoS attacks. In this scheme, an Access Matrix is defined to capture the access patterns of the legitimate clients and the normal flash crowd. Dimensionality reduction schemes are applied to reduce the multidimensional Access Matrix. A counter-mechanism consisting of a suspicion assignment mechanism and a scheduler is deployed. The suspicion mechanism assigns a score to each client session, and the scheduler decides whether to forward the session's requests or to drop the request based on the suspicion score.

查看原文本刊更多论文

一种对抗应用层DDoS攻击的有效方法

分布式拒绝服务(DDoS)攻击对当今重要的互联网服务构成了重大威胁，因为它能够产生大量不需要的流量。由于网络环境庞大而复杂，DDoS攻击检测和响应难度较大。当这种攻击发生在快闪人群时，情况会变得更加严重。Flash人群和DDoS攻击在互联网流量方面具有非常相似的属性;然而，Flash人群是合法流，而DDoS攻击是非法流。本文提出了一种抵御应用层DDoS攻击的方案，并对DDoS攻击期间的flash人群进行调度。在该方案中，定义了访问矩阵来捕获合法客户端和正常flash人群的访问模式。采用降维方法对多维访问矩阵进行降维。部署了一个由怀疑分配机制和调度程序组成的反机制。怀疑机制为每个客户端会话分配一个分数，调度器根据怀疑分数决定是转发会话的请求还是放弃请求。

本文章由计算机程序翻译，如有差异，请以英文原文为准。

求助全文

约1分钟内获得全文求助全文

来源期刊

2012 Third International Conference on Computing, Communication and Networking Technologies (ICCCNT'12)

自引率

0.00%

发文量